A3600r Firmware Security Vulnerabilities and Issues — A3600r Firmware CVE List

Lucene search

TotolinkA3600r Firmware

16 matches found

CVE•added 2022/02/24 3:15 p.m.•152 views

CVE-2022-25078

TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

9.8CVSS9.9AI score0.06059EPSS

CVE•added 2022/08/04 7:15 p.m.•56 views

CVE-2022-34993

Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc/shadow.sample.

9.8CVSS9.6AI score0.00259EPSS

CVE•added 2024/07/29 12:15 a.m.•52 views

CVE-2024-7173

A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password/http_host leads to buffer overflow. The attack may be launched re...

9CVSS8.8AI score0.0051EPSS

CVE•added 2024/07/29 3:15 a.m.•49 views

CVE-2024-7178

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. Affected by this vulnerability is the function setMacQos of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument priority/macAddress leads to buffer overflow. The attack can be launched...

9CVSS8.9AI score0.00464EPSS

CVE•added 2024/07/29 2:15 a.m.•48 views

CVE-2024-7177

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. Affected is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to buffer overflow. It is possible to launch the attack remotely. The ex...

9CVSS8.9AI score0.01116EPSS

CVE•added 2024/07/29 3:15 a.m.•48 views

CVE-2024-7179

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument startTime/endTime leads to buffer overflow. The attack may be launched remot...

9CVSS8.8AI score0.00544EPSS

CVE•added 2024/07/29 5:15 a.m.•45 views

CVE-2024-7183

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected is the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. It is possible to launch the attack remotely. The e...

9CVSS7AI score0.00544EPSS

CVE•added 2024/07/29 6:15 a.m.•45 views

CVE-2024-7186

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as critical. This affects the function setWiFiAclAddConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely....

9CVSS8.8AI score0.00464EPSS

CVE•added 2024/07/29 4:15 a.m.•44 views

CVE-2024-7182

A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buffer overflow. The attack may be initiated remotely. The e...

9CVSS8.9AI score0.00464EPSS

CVE•added 2024/07/29 5:15 a.m.•43 views

CVE-2024-7184

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to buffer overflow. The attack can be launched remotely....

9CVSS7AI score0.00464EPSS

CVE•added 2024/07/29 2:15 a.m.•42 views

CVE-2024-7176

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. This issue affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS8.9AI score0.00558EPSS

CVE•added 2024/07/29 7:15 a.m.•42 views

CVE-2024-7187

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. T...

9CVSS8.8AI score0.00417EPSS

CVE•added 2024/07/29 12:15 a.m.•41 views

CVE-2024-7174

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setdeviceName of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument deviceMac/deviceName leads to buffer overflow. It is possible to initiate the attack rem...

9CVSS8.8AI score0.01195EPSS

CVE•added 2024/07/29 6:15 a.m.•39 views

CVE-2024-7185

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical. Affected by this issue is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument webWlanIdx leads to buffer overflow. The attack may be launched remotely. The explo...

9CVSS8.8AI score0.00687EPSS

CVE•added 2024/07/28 11:15 p.m.•37 views

CVE-2024-7172

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument http_host leads to buffer overflow. The attack can be launc...

9CVSS8.9AI score0.00485EPSS

CVE•added 2024/07/29 3:15 a.m.•37 views

CVE-2024-7180

A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This affects the function setPortForwardRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument comment leads to buffer overflow. It is possible to initiate the attack remotely. The exp...

9CVSS8.9AI score0.00497EPSS